Protect your information online

Every day, through social media, emails, texts and online searches, you consciously — or unconsciously — surrender bits of personal information. In exchange for those free online services, you hand over details about your interests and your tastes as well as confidential information that can compromise your privacy.

The way much of your data is compiled and appropriated can’t be controlled — unless you go entirely off the grid. But there are steps you can take to minimize your exposure on the web:

> Encrypt your text messages Throughout history people have designed mechanisms to obscure messages from prying eyes and unintended recipients. An ancient Egyptian scribe jumbled the use of standard hieroglyphs in an inscription to hide its meaning. Julius Caesar disguised letters to his generals by creating a cipher. The Nazis relied on the Enigma machine to conceal their military tactics.

Today, you can use Signal, a private messenger app that encrypts the texts you send. (This app has the seal of approval of Edward Snowden, who famously leaked classified information from the U.S. National Security Agency.)

But Signal has a catch. Both the sender and the recipient have to download the app in order for it work. Signal is available for the iOS and Android operating systems and is free of charge.

> Implement uniform safeguards across devices Bring-your-own-device programs often complicate efforts to keep data secure, says Ali Miri, research director at the Privacy and Big Data Institute, Ryerson University, in Toronto. That’s because not all devices have been outfitted with a security infrastructure strong enough to prevent data leaks and hacks.

“Nowadays, information comes from different sources, and that information doesn’t stay in one place,” Miri says. “We used to require people to come to work and use the machine assigned to them.”

If your team can access sensitive work-related information from anywhere, it’s important to outline a set of guidelines. Rules can cover everything from how to store and delete company data properly to what happens to the data of an employee who leaves your practice.

> Enable two-factor authentication Many sites and platforms, such as Gmail and Twitter, offer two-factor authentication, a security feature that can reduce your vulnerability to hackers.

If, for example, you should attempt to log into your email account on a public computer, you would need to provide both your password and a security code the provider will send to a trusted device — usually your cellphone.

> Control levels of access to shared information Develop an in-house policy that sets out who has access to the various levels of information held within your office. You should have a system in place for identifying and tracking who can view sensitive information and for what purpose, Miri says.

You can set rules of access according to each team member’s responsibilities. For example, the person primarily in charge of running your social media program would be one of the few people on your team to have full access to your social media accounts. That person should be versed in the internal policies that inform how you use social media in your business.